CVE-2018-11212
libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
Public Exploits: 1
Exploited in Wild: -
Descriptions
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
A problem has been discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file. An attacker could use this vulnerability to cause a denial of service via a crafted file.
It was discovered that Libjpeg6b was not properly performing bounds checks when compressing PPM and Targa image files. An attacker could possibly use this issue to cause a denial of service. Chijin Zhou discovered that Libjpeg6b was incorrectly handling the EOF character in input data when generating JPEG files. An attacker could possibly use this issue to force the execution of a large loop, force excessive memory consumption, and cause a denial of service.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2018-05-16 CVE Reserved
- 2018-05-16 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-369: Divide By Zero
CAPEC
References (23)
URL | Tag | Source |
---|---|---|
http://www.ijg.org | X_refsource_misc | |
http://www.securityfocus.com/bid/106583 | Third Party Advisory | |
https://github.com/zzyyrr/divide-by-zero-in-libjpeg-9d.git | X_refsource_misc | |
https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html | Mailing List | |
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us | X_refsource_confirm | |
https://www.oracle.com/security-alerts/cpuapr2022.html | X_refsource_misc | |
URL | Date | SRC |
---|---|---|
https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9a | 2024-08-05 | |
https://security.netapp.com/advisory/ntap-20190118-0001 | 2022-04-20 | |
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html | 2022-04-20 | |
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html | 2022-04-20 | |
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html | 2022-04-20 | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html | 2022-04-20 | |
https://access.redhat.com/errata/RHSA-2019:0469 | 2022-04-20 | |
https://access.redhat.com/errata/RHSA-2019:0472 | 2022-04-20 | |
https://access.redhat.com/errata/RHSA-2019:0473 | 2022-04-20 | |
https://access.redhat.com/errata/RHSA-2019:0474 | 2022-04-20 | |
https://access.redhat.com/errata/RHSA-2019:0640 | 2022-04-20 | |
https://access.redhat.com/errata/RHSA-2019:1238 | 2022-04-20 | |
https://access.redhat.com/errata/RHSA-2019:2052 | 2022-04-20 | |
https://usn.ubuntu.com/3706-1 | 2022-04-20 | |
https://usn.ubuntu.com/3706-2 | 2022-04-20 | |
https://access.redhat.com/security/cve/CVE-2018-11212 | 2019-08-06 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1579973 | 2019-08-06 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Ijg | Libjpeg | 9a | - | Affected |
Debian | Debian Linux | 8.0 | - | Affected |
Canonical | Ubuntu Linux | 12.04 | esm | Affected |
Canonical | Ubuntu Linux | 14.04 | lts | Affected |
Canonical | Ubuntu Linux | 16.04 | lts | Affected |
Canonical | Ubuntu Linux | 18.04 | lts | Affected |
Netapp | Oncommand Unified Manager | * | - | Affected |
Netapp | Oncommand Unified Manager | >= 7.3 | windows | Affected |
Netapp | Oncommand Unified Manager | >= 9.4 | vmware_vsphere | Affected |
Netapp | Oncommand Workflow Automation | * | - | Affected |
Netapp | Snapmanager | * | oracle | Affected |
Netapp | Snapmanager | * | sap | Affected |
Oracle | Jdk | 1.7.0 | update201 | Affected |
Oracle | Jdk | 1.8.0 | update192 | Affected |
Oracle | Jdk | 11.0.1 | - | Affected |
Oracle | Jre | 8.0 | update_191 | Affected |
Redhat | Satellite | 5.8 | - | Affected |
Redhat | Enterprise Linux Desktop | 6.0 | - | Affected |
Redhat | Enterprise Linux Desktop | 7.0 | - | Affected |
Redhat | Enterprise Linux Server | 6.0 | - | Affected |
Redhat | Enterprise Linux Server | 7.0 | - | Affected |
Redhat | Enterprise Linux Workstation | 6.0 | - | Affected |
Redhat | Enterprise Linux Workstation | 7.0 | - | Affected |
Opensuse | Leap | 15.0 | - | Affected |